Hacker News new | past | comments | ask | show | jobs | submit login

Logging in as a given user doesn't provide admins with any data that isn't already available in database backups and log files. If a startup only has one developer, then that developer already has access to every user's data, regardless of whether you allow frontend access.

There are many types of applications where that level of privacy would not be okay. But actually protecting the users' privacy is non-trivial. Short of encrypting all user-provided data, I don't see how you could prevent every startup employee from seeing any data.

Larger companies usually separate their operations and development teams, partially for this reason. Developers aren't allowed to access production data or servers. That at least limits the number of people with access to a trusted few, at the cost of a substantially more complicated development/release process.




I guess I am biased because I work at an organization with separate development, operations, and support groups. I work for the operations side of things and I can't image just letting support logging in as users. it just seems wrong.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: